<?php
date_default_timezone_set('Europe/Madrid');

include ("../../protected/mysqlsettings.php"); /*Load global functions and lines in all php pages*/
$dbc=@mysql_connect($server, $username, $password) or die ("FATAL ERROR: MySQL connection can't be established!"); /*mysql_connect("URL","USER_MYSQL","PASSWORD")*/
mysql_select_db ("treedb") or die ("FATAL ERROR: MySQL connection success, but cannot open the data base."); /*mysql_select_db ("DATABASE")*/
mysql_set_charset('UTF8'); /*Sets the charget on UTF-8*/
/*
LOGIN CONTROLLER.
>>> 
if(HasLogged()) {}
<<<
TRUE: The user/teacher has logged it in the database.
FALSE: Is anonymous (not logged)
*/
function HasLogged() {
	if(isset($_SESSION["logID"])) { return TRUE; }
	else { return FALSE; }
}
/*
FIELD PROTECTOR (prevents XSS atack or inject script's)
>>
$hello=SuprCode($hello);
<<
This function dosen't allow to inject script's; html; javascript; unauthoriced injection SQL or XSS. This function secures the container never executed in PHP or caused injection.
Causes to: Disable any code (strong vs "textbox")
*/
function SuprCode($scparam1) {
	$scparam1=mysql_real_escape_string(stripslashes(trim(strip_tags(htmlentities($scparam1)))));
	return $scparam1;
}

function correctDate($actDateEntered, $dateExpEntered){
	if(preg_match('/^(2[0-9][0-9][0-9])-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/', $actDateEntered) && preg_match('/^(2[0-9][0-9][0-9])-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/', $dateExpEntered))
		{ 
			return TRUE; 
		} else { return FALSE; }
}
/*
Date CONTROLLER.
>>> 
if(correctDate($actDateEntered, $dateExpEntered)) {}
<<<
TRUE: Date entered is ok.
FALSE: Date entered is wrong.
*/
?>